2.2 murder backend authentication problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I've been wrestling with a new cyrus murder setup. At this point, edits made to a backend server are properly propigated through the master and frontends.

Now, i'm trying to test administration through the frontend servers. For example, when i connect to a frontend server and issue a `CREATE user.testuser imap-backend` the frontend logs show the following:
------------
May 18 10:00:28 imap-frontend imap[24327]: accepted connection
May 18 10:00:28 imap-frontend imap[24327]: mystore: starting txn 2147483656
May 18 10:00:28 imap-frontend imap[24327]: mystore: committing txn 2147483656 May 18 10:00:28 imap-frontend imap[24327]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new) no authentication May 18 10:00:28 imap-frontend imap[24327]: login: <client> [128.113.124.76] <cyrusadmin> PLAIN+TLS User logged in
May 18 10:00:28 imap-frontend imap[24327]: Doing a peer verify
May 18 10:00:28 imap-frontend imap[24327]: Doing a peer verify
May 18 10:00:28 imap-frontend imap[24327]: received server certificate
May 18 10:00:28 imap-frontend imap[24327]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new) no authentication May 18 10:00:28 imap-frontend imap[24327]: couldn't authenticate to backend server: no mechanism available
May 18 10:00:28 imap-frontend imap[24327]: PROTERR: end of file reached
----------
and the backend:
----------
May 18 10:00:28 imap-backend imap[5517]: accepted connection
May 18 10:00:28 imap-backend imap[5517]: mystore: starting txn 2147483674
May 18 10:00:28 imap-backend imap[5517]: mystore: committing txn 2147483674
May 18 10:00:28 imap-backend imap[5517]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new) no authentication
-----------
Network dumps show that its using TLS, but i can't tell what the traffic looks like after TLS starts. I've manually logged in with LOGIN to verify that the <cyrusproxy>,<proxypasswd> combo is valid on the backend server

Here are the pertainant pieces of my frontend imapd.conf...
-----------
configdirectory: /var/lib/imap
partition-default: /tmp
admins: <cyrusadmin>

proxy_authname: <cyrusproxy>
imap-backend_passwd: <proxypass>

postuser: sharedfolders
allowplaintext: 1
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN GSSAPI
sasl_minimum_layer: 0
tls_key_file: /etc/ssl/cert.key
tls_cert_file: /etc/ssl/cert.cert
tls_ca_file: /etc/ssl/CA.cert

# Murder
mupdate_username: <cyrusproxy>
mupdate_authname: <cyrusproxy>
mupdate_password: <proxypass>
mupdate_server: <imap-master.domain.tld>
---------
And the relivant parts of the backend config:
---------
admins: <cyrusadmin> <cyrusbackend>
postuser: sharedfolders

allowplaintext: 1
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN GSSAPI
sasl_minimum_layer: 0

# SSL
tls_key_file: /etc/ssl/cert.key
tls_cert_file: /etc/ssl/cert.cert
tls_ca_file: /etc/ssl/CA.cert

# Murder
mupdate_username: <cyrusbackend>
mupdate_authname: <cyrusbackend>
mupdate_password: <backendpasswd>
mupdate_server: <imap-master.domain.tld>
proxyservers: <cyrusbackend> <cyrusproxy>
allowusermoves: 1
---------

If anyone has suggestions it would be very much appreciated.

Thanks.

--
Brenden Conte
System Programmer, C&MT.CIO
Rensselaer Polytechnic Institute
(518)276-4264
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux